A new tool to check if its bitcoins are vulnerable to the quantum computer is online. Are your BTCs safe?
In short
- A new tool lets you know if your bitcoins are at risk in the face of the emergence of the quantum computer.
- Answers to questions that come back often.
Eleven project watches over Bitcoin
Are your bitcoins threatened by the quantum computer? Maybe. There are two Modus Operandi.
The first is to draw from the transactions of “Mempool”, where transactions are waiting to be mined (added in a block). The reason being that we reveal the public keys at this precise moment.
However, it would take a quantum computer capable of deducting a private key from a public key in less time than it takes to confirm a transaction, about 10 minutes.
The second method, more likely, is a so-called “Harvest-Now-Decrypt-Later” attack. These are the addresses that users reuse, or of a very old format, which is discussed.
Project11 has just launched a tool Allowing to check if your addresses are vulnerable. It contains the complete list of addresses whose public keys are already exposed.
To leave this list, you must transfer your bitcoins to a new address. You can keep the same Wallet if the problem comes from a address reuse.
On the other hand, if the problem is the address format, they will have to be transferred to a new, more recent wallet generating addresses resistant to quantum threat.
Why are some addresses resistant and others aren't others?
Certain address formats are vulnerable because these are simply naked public keys. For example, addresses P2pk (Pay-to-Public-Key) and certain types of addresses P2TR (Pay-to-Taproot).
Type addresses P2pk Being simple public keys, they do not start with an identifiable header at first glance. Those of type P2TR start with ” bc1p “(Not to be confused with the addresses starting with” BC1Q »).
Conversely, resistant addresses are encodings of public keys. That is to say that they are offended by passing the SHA-256 hash function to the hatching function which is resistant to the quantum computer.
The types of addresses resistant to a quantum attack are P2PKH,, P2sh or P2WPKH. They start respectively with “1”, “3” and “BC1Q”.
- Address example P2WPKH ::
BC1QW508D6QEJXTDG4Y5R3ZARVARY0C5XW7KV8F3T4 - Example of addresses P2PKH ::
1HSK3S3O1NBVSB7RKAVWF7V9MVHT2HWZQ8 - Example of addresses P2sh ::
3Dymavewh38huzhz3vwyaqr8ytztupmsna
Nowadays, Wallets no longer generate addresses in P2PK format. So, unless you have downloaded your wallet before 2011, you most likely do not use intrinsically vulnerable addresses (P2PK and certain types of P2TR).
If your bitcoins are on vulnerable addresses, it is much more likely that you made the mistake of reusing them.
Two questions that come back often:
Do all the addresses of a wallet become vulnerable if only one is known?
No. The Trezor, Ledger or Electrum wallet are “HD” (Hierarchical Deterministic). In other words, each address has its own private key. Clearly, if one of the public keys is reused, it alone is vulnerable. The other addresses remain protected.
Unless the key public key (xpub) is compromised … Explanation:
An HD wallet generates all private and public keys from a SEED (the 12 or 24 words that you should preciously keep) according to a hierarchical structure defined by the BIP-32 standard.
The principle is that the same Seed always produces the same XPUB from which all the other keys are derived. This is why it is enough for the SEED to restore access to all its Bitcoins.
The reverse of the medal is that revealing its XPUB amounts to revealing all the public keys of its Wallet. Do not do it. All those who have for example shared their Xpub with the corner of Samurai are likely to regret it …
Second question: let's admit that I have 1 bitcoin on a single address. And that I spend 0.4 bitcoin. Are the 0.6 Bitcoin remaining vulnerable?
No. To spend 0.6 BTC, your wallet must spend all of the funds associated with this address, i.e. 1 bitcoin. During the transaction, 0.4 BTC moved to the recipient's address, and 0.6 BTC to a new address from your Wallet (as well as some satoshis in fresh for the minor).
The initial address is now vulnerable, but it does not matter since it is now empty. On the other hand, this address should no longer be reused to receive funds.
Do not miss this article to go further: Bitcoin, the quantum threat is getting closer.
Maximize your Cointribne experience with our 'Read to Earn' program! For each article you read, earn points and access exclusive rewards. Sign up now and start accumulating advantages.
